Our clients are often surprised that we remember their administrator or email passwords weeks or months after we last worked on their devices.
This could be because their passwords meet current standards for internet security and that we are wizards at remembering them. Or, more likely, it means their passwords are too simple.
Take John Smith for example. (Editor: We apologize in advance to John. He is a lovely person.)
When setting up his new MacBook Pro, John creates the user account, John Smith (of course) and then—knowing that leaving it blank is the worst thing he can do—he adds a password.
One can almost hear the slow click-clack typing before his confident thudding of the return key.
And so, dear readers, let’s see how secure dear John’s password is . . .
Four letters. Hmm. Let’s try ‘john’.
Or
‘jsmith’ ?
Or
‘johnsmith’ !
Using his name as the main (or only) part of the password is risky for John. And since his name is common, it’s even riskier. Nor does adding 57 or 1957 make it more secure. Many websites he’s signed up for in the past have asked for his date of birth. And, things you type on the internet seldom vanish for good.
It is also dangerous to use the name of your pet, your spouse, your children, or your grandchildren, because, as with any ‘real words’, if you are on Facebook, or are a member of those darling cockapoo mailing lists (ooojy poojy, who’s a pretty boy? You are! No, you are!), that information is out there.
Question:
If I googled your name, will I find personal information about you on this health club website or your biography on that old business website? Will I find the city you were born in? Did you once introduce yourself and your entire extended family on a forum?
Let’s be clear. If a human can discover or learn your password either by personal knowledge of you, or by searching for you online, it is too simple.
Read more about how simple your password is, and how computers make it more imperative that you secure your passwords even further here: Your password is so simple, a computer can crack it!
Answers:
So, what do we do about all this?
Creating more secure passwords is the most important thing you can do when it comes to internet (and computer) security. I have some thoughts on how to do just that in this article.
In the meantime, you might have noticed the tiny key beside the password field in some of the images here. Clicking it when you’re adding a new user, or even when you’re changing your password pulls up a scale indicating how secure Apple feels your password is.
Anything you can do to move this scale further to the right will help make your passwords more secure. But, there are other ways to achieve higher safety without making it too cumbersome. Go to Your password is so simple, a computer could crack it!.
There is one last thing of interest to mention about the above image. Somehow, ironically, the clue that John left in the Password hint box is a much more secure password by itself, even without including the ending exclamation mark. Find out about how this works here.